If not, add one as shown below:Īdd a firewall rule to allow connections to the SSLVPN In 5.8.1.13, you will have already done this.įinally, you will want to go into your Firewall settings and be certain that a rule was automatically created on your WAN interface to allow SSLVPN connections. Later on as we configure users, you can specify specific routes for individual users.įinally, in SonicOS 5.9.0.0 you need to go to the Client Settings tab to setup your WINS, DNS, etc… for the client to use. Note that these routes are the superset of the routes that you want people to be able to connect to. In the example to the right, you see that I have added a list of routes for the clients to use through the NetExtender client when they connect. In SonicOS 5.8.1.13, this is defined in SSL VPN / Client Routes. On the Client routes tab you need to choose from the address objects defined in Network / Address Objects which ones you want to allow the clients to connect to.
This is different than the 5.8.1.13 SonicOS and therefore, give you more flexibility as it doesn’t have to draw addresses from a current network that you have assigned to an interface. To the right is how I defined my SSLVPN DHCP pool Network Object on my 5.9 SonicOS. In SonicOS 5.8.1.13, one configures the whole DHCP setup completely in this area by setting the interface where the addresses are routed that you want to use–like X0 for example, Then setup the range using the start ip and end ip and then all of the other network stuff that you would normally expect such as WINS if needed, DNS, etc… You would then to to SSL VPN / Client Routes to set that up like we will describe later for 5.9.Ĭreate Your SSLVPN DHCP POOL Address Object This is where things are a bit different between 5.8 and 5.9. Next, we go into SSL VPN / Client Settings. This has been good for me because sometimes there are specific versions of the NetExtender client that I want my clients using due to bugs or other.
Setup sonicwall netextender download#
Setup the URL for downloading the NetExtender clients if you wish to enable the client to download them from a site that you completely control.Setup the Radius settings if you use Radius.The Inactivity Timeout will disconnect clients if they are inactive longer than this time period.If you need to manage this SonicWall over this VPN directly you will want to Enable Web Management and likewise if you use SSH for SonicWall management, turn that on too.The only thing that this matches to is the domain name that they will need to enter on the NetExtender client side.
Setup sonicwall netextender how to#
There are several great tutorials out there on how to setup a SonicWall SSLVPN.